/******************************************************************
 * Filename:userMgntApi.c
 * Description:user mangement related interface function
 * Version:V_1.0	Sept-27-2019
 * need to 
 * Copyright:HISOME <www.hisome.com.>
 * Author:Gaoy
 * EMail:gaoy@hisome.com
 ******************************************************************/
#include "userMgntApi.h"




HisomeUser g_loginUsers[MAX_ONLINE_USERNUM];
GUIClient g_GUIClientList[NVR_MAX_GUICLIENT_NUM];
int    g_needCRTE_UserMgntDB=1;
bool   g_dbsToBakFile=false;


const char * CRTE_UserMgnt_GroupsTbl = "CREATE TABLE IF NOT EXISTS %s ("\
                "groupName TEXT NOT NULL UNIQUE, "\
                "channels  TEXT NOT NULL DEFAULT \"noneChannels\","\
                "preview INT NOT NULL DEFAULT (0),"\
                "replay INT NOT NULL DEFAULT (0),"\
                "userMgnt INT NOT NULL DEFAULT (0),"\
                "PTZ INT NOT NULL DEFAULT (0),"\
                "storeMgnt INT NOT NULL DEFAULT (0),"\
                "sysCfg INT NOT NULL DEFAULT (0),"\
                "eventCfg INT NOT NULL DEFAULT (0),"\
                "networkCfg INT NOT NULL DEFAULT (0),"\
                "defaultUpgrade INT NOT NULL DEFAULT (0),"\
                "fileBackup INT NOT NULL DEFAULT (0),"\
                "ipcCfg INT NOT NULL DEFAULT (0),"\
                "sysInfo INT NOT NULL DEFAULT (0),"\
                "otherCfg INT NOT NULL DEFAULT (0),"\
                "remarks  TEXT)";
const char * CRTE_UserMgnt_UsersTbl ="CREATE TABLE IF NOT EXISTS %s ("\
                "userName TEXT  UNIQUE NOT NULL,"\
                "groupName TEXT NOT NULL,"\
                "userTextPWD TEXT NOT NULL,"\
                "user9CellPWD TEXT,"\
                "channels  TEXT NOT NULL DEFAULT \"noneChannels\","\
                "preview INT NOT NULL DEFAULT (0),"\
                "replay INT NOT NULL DEFAULT (0),"\
                "userMgnt INT NOT NULL DEFAULT (0),"\
                "PTZ INT NOT NULL DEFAULT (0),"\
                "storeMgnt INT NOT NULL DEFAULT (0),"\
                "sysCfg INT NOT NULL DEFAULT (0),"\
                "eventCfg INT NOT NULL DEFAULT (0),"\
                "networkCfg INT NOT NULL DEFAULT (0),"\
                "defaultUpgrade INT NOT NULL DEFAULT (0),"\
                "fileBackup INT NOT NULL DEFAULT (0),"\
                "ipcCfg INT NOT NULL DEFAULT (0),"\
                "sysInfo INT NOT NULL DEFAULT (0),"\
                "otherCfg INT NOT NULL DEFAULT (0),"\
                "errLoginNum INT NOT NULL DEFAULT (0),"\
                "lockTime BIGINT NOT NULL DEFAULT (0),"\
                "protectAnswer1 TEXT,"\
                "protectAnswer2 TEXT,"\
                "protectAnswer3 TEXT,"\
                "actived INT DEFAULT (0),"\
                "remarks  TEXT  NOT NULL DEFAULT [can delete])";
int userMgnt_fillDB(sqlite3 * userMgntDB){
 if(g_needCRTE_UserMgntDB){
        STD_print("t1");
        userMgnt_addDftUser();
        if(SQLITE_OK != db_createGeneralTbl(userMgntDB,CRTE_UserMgnt_GroupsTbl,USERMGNT_GROUPS_TBL)){
            PRTLOG_ERR("Create table %s in database %s Fail",USERMGNT_GROUPS_TBL,USERMGNT_DB);
            return MYSQLITE3_CREATE_TABLE_FAIL;
        }
        if(SQLITE_OK != db_createGeneralTbl(userMgntDB,CRTE_UserMgnt_UsersTbl,USERMGNT_USERS_TBL)){
            PRTLOG_ERR("Create table %s in database %s Fail",USERMGNT_USERS_TBL,USERMGNT_DB);
            return MYSQLITE3_CREATE_TABLE_FAIL;
        } 
        // userMgnt_addDftUser();
        return 0;
        int i;
        int ret=0;
        #define DEFAULT_USER (3)
        HisomeGroup factoryGroup;
        HisomeGroup rootGroup;
        HisomeUser  factoryUser[DEFAULT_USER];
        char factoryUserName[DEFAULT_USER][128]={"admin","zzhisome","rootcm9vdA=="};
        char factoryGroupName[128]={"admin"};
        //add default group
        
        apiUsrMgnt_resetHisomeGroup(&factoryGroup,1);
        strncpy(factoryGroup.groupName,factoryGroupName,strlen(factoryGroupName));
        strncpy(factoryGroup.remarks,"can not delete",strlen("can not delete"));    
        if(MYSQLITE3_OK != apiUsrMgnt_groupAdd(userMgntDB,&factoryGroup)){ 
            return MYSQLITE3_TRANS_COMMIT_FAIL;
        }
                
        apiUsrMgnt_resetHisomeGroup(&rootGroup,1);
        strncpy(rootGroup.groupName,"adminYWRtaW4=",strlen("adminYWRtaW4="));
        strncpy(rootGroup.remarks,"can not delete",strlen("can not delete")); 
        if(MYSQLITE3_OK != apiUsrMgnt_groupAdd(userMgntDB,&rootGroup)){ 
            return MYSQLITE3_TRANS_COMMIT_FAIL;
        }
                
        //add default users
        for(i=0;i<DEFAULT_USER;i++){
            apiUsrMgnt_resetHisomeUser(&factoryUser[i],1);
            strncpy(factoryUser[i].userName,factoryUserName[i],strlen(factoryUserName[i]));
            if(i==0){
                strncpy(factoryUser[i].userTextPWD,MDString("111111"),strlen(MDString("111111")));
                
            }else{
                strncpy(factoryUser[i].userTextPWD,MDString(factoryUserName[i]),strlen(MDString(factoryUserName[i])));
            }
            strncpy(factoryUser[i].user9CellPWD,"321478965",strlen("321478965"));
            /*
                    factory Jiugongge(9Cell) pwd
                    1<-- 2<-- <--3
                    |
                    4    5<-- <--6
                    |            |
                    7--> 8--> -->9
            */
            strncpy(factoryUser[i].protectAnswer1,"HISOME",strlen("HISOME"));
            strncpy(factoryUser[i].protectAnswer2,"Hangzhou",strlen("Hangzhou"));
            strncpy(factoryUser[i].protectAnswer3,"ZhengZhou",strlen("ZhengZhou"));
            if(i >= 1)
                factoryUser[i].actived=1;
            else
                factoryUser[i].actived=0;
            if(i >= 2){
                memcpy(&factoryUser[i].group,&rootGroup,sizeof(rootGroup));
            }else{
                memcpy(&factoryUser[i].group,&factoryGroup,sizeof(factoryGroup));
            }
            apiUsrMgnt_resetHisomeAccess(&factoryUser[i].userAccess,1);
            // if(i==2){
            //     factoryUser[i].userAccess.preview=0;
            //     factoryUser[i].userAccess.replay=0;
            // }
            strncpy(factoryUser[i].remarks,"can not delete",strlen("can not delete"));
            ret += apiUsrMgnt_userAdd(userMgntDB,NULL,&factoryUser[i]); 
        }
        if(MYSQLITE3_OK != ret){ 
            return MYSQLITE3_TRANS_COMMIT_FAIL;
        }
  }
//   userMgnt_addDftUser();
  return MYSQLITE3_OK;
}
int userMgnt_DbmemToFile(sqlite3 * userMgntDB,char *fileName,int line){
    // int ret=0;
    // remove("/var/run/userMgnt_bak.db"); 
    // if(userMgntDB &&  SQLITE_OK == db_FileDbSwitchMemDb(userMgntDB,"/var/run/userMgnt_bak.db",DB_MEMORY_2_FILE)){
    //     if(access("/var/run/userMgnt_bak.db",F_OK) == 0){///exist  USERMGNT_DB
    //         if(get_file_size("/var/run/userMgnt_bak.db") < 1024*15){///the size of  USERMGNT_DB is wrong <15KB
    //             PRTLOG_ERR("[%s:%d]mem backup to %s fail: size is wrong need to deleted then will reboot",fileName,line,"/var/run/userMgnt_bak.db");
    //             db_closeDb(userMgntDB);
    //         }else{
    //             if(g_dbsToBakFile == 0 )
    //                 com_fileCopy("/var/run/userMgnt_bak.db","/home/etc/userMgnt.db");//system("cp /var/run/userMgnt.db /home/etc/userMgnt.db");
    //             else
    //                 com_fileCopy("/var/run/userMgnt_bak.db","/home/etc/.userMgnt_bak.db");//system("cp /var/run/userMgnt.db /home/etc/.userMgnt_bak.db");
    //         }
    //     }else{
    //         PRTLOG_ERR("[%s:%d]mem backup to %s fail need to deleted then will reboot",fileName,line,"/var/run/userMgnt_bak.db");
    //         db_closeDb(userMgntDB);
    //     }
    // }else{
    //     ret++;
    //     PRTLOG_ERR("[%s:%d]userMgntDB is NULL or mem to file fail",fileName,line);
    // }
    // return ret;
}

///struct operate
void apiUsrMgnt_resetHisomeAccess(HisomeAccess *accsee,int enable){
    memset(accsee,0,sizeof(HisomeAccess));
    // int i=0;
    // for(i=0;i<(2*g_nvrSysInfo.recordChNum)-1;i++){
    //     if(i%2==0){
    //         if(enable){
    //             accsee->channels[i]='1';  
    //         }else{
    //             accsee->channels[i]='0';  
    //         }
    //     }else{
    //         accsee->channels[i]=',';
    //     }
    // }
    accsee->preview = enable?1:0;
    accsee->replay = enable?1:0;
    accsee->userMgnt = enable?1:0;
    accsee->PTZ = enable?1:0;
    accsee->storeMgnt = enable?1:0;
    accsee->sysCfg = enable?1:0;
    accsee->eventCfg = enable?1:0;
    accsee->networkCfg = enable?1:0;
    accsee->defaultUpgrade = enable?1:0;
    accsee->fileBackup = enable?1:0;
    accsee->ipcCfg = enable?1:0;
    accsee->sysInfo = enable?1:0;
    accsee->otherCfg = enable?1:0;
}
void apiUsrMgnt_resetHisomeGroup(HisomeGroup *group,int enable){
    memset(group,0,sizeof(HisomeGroup));
    apiUsrMgnt_resetHisomeAccess(&group->groupAccess,enable);
}
void apiUsrMgnt_resetHisomeUser(HisomeUser *user,int enable){
    memset(user,0,sizeof(HisomeUser));
    apiUsrMgnt_resetHisomeAccess(&user->userAccess,enable);
}
///group operate
int apiUsrMgnt_groupIsExist(sqlite3 *db,HisomeGroup *group){
    int rc=0; 
    char cmd[HISOME_LEN_8192]={'\0'};
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    sprintf(cmd,"select groupName from %s where groupName=\"%s\"",USERMGNT_GROUPS_TBL,group->groupName);
    rc = sqlite3_get_table(db,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_GROUPS_TBL,errMsg);
        sqlite3_free(errMsg);
        return EXISTED;
    }else{
        if(qResult)sqlite3_free_table(qResult);
        if(rows>0)
            return EXISTED;
        else
            return NOT_EXIST;
    }
}
int apiUsrMgnt_groupAdd(sqlite3 *db,HisomeGroup *group){
     if(group == NULL ||  group->groupName==NULL){
        PRTLOG_ERR("group or  group->groupName is null");
        return -1;
     }else{
         if(EXISTED == apiUsrMgnt_groupIsExist(db,group)){
            PRTLOG_ERR("group:%s is  exist",group->groupName)
            return MYSQLITE3_OK;
        }else{
            char cmd[HISOME_LEN_4096]={'\0'};
            sprintf(cmd,"INSERT INTO %s values(\"%s\",\"%s\",%d,%d,"\
            "%d,%d,%d,%d,%d,"\
            "%d,%d,%d,%d,"\
            "%d,%d,\"%s\")",
            USERMGNT_GROUPS_TBL,group->groupName,group->groupAccess.channels,group->groupAccess.preview,group->groupAccess.replay,
            group->groupAccess.userMgnt,group->groupAccess.PTZ,group->groupAccess.storeMgnt,group->groupAccess.sysCfg,group->groupAccess.eventCfg,
            group->groupAccess.networkCfg,group->groupAccess.defaultUpgrade,group->groupAccess.fileBackup,group->groupAccess.ipcCfg,
            group->groupAccess.sysInfo,group->groupAccess.otherCfg,group->remarks);
            return  db_generalExec(db, cmd);
        }
     }
}
int apiUsrMgnt_groupDelete(sqlite3 *db,HisomeGroup *group){
     if(group == NULL ||  group->groupName==NULL){
        PRTLOG_ERR("group or  group->groupName is null");
        return -1;
     }else{
        if(NOT_EXIST == apiUsrMgnt_groupIsExist(db,group)){
            PRTLOG_ERR("group:%s is not exist",group->groupName)
            return MYSQLITE3_OK;
        }else{
            char cmd[4096]={'\0'};
            sprintf(cmd,"delete from %s  where groupName=\"%s\";",USERMGNT_GROUPS_TBL,group->groupName);
            if(db_generalExec(db, cmd)==MYSQLITE3_OK){
                int rc=0; 
                char cmd[HISOME_LEN_8192]={'\0'};
                char **qResult=NULL;
                char *errMsg;
                int rows,columns;
                sprintf(cmd,"select * from %s where groupName=\"%s\";",USERMGNT_USERS_TBL,group->groupName);
                rc = sqlite3_get_table(db,cmd,&qResult,&rows,&columns,&errMsg);
                if(rc != SQLITE_OK){
                    PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
                    sqlite3_free(errMsg);
                    return EXISTED;
                }else{
                    if(qResult)sqlite3_free_table(qResult);
                    if(rows>0){
                        memset(cmd,0,sizeof(cmd));
                        sprintf(cmd,"delete  from %s  where groupName=\"%s\";",USERMGNT_USERS_TBL,group->groupName);
                        return db_generalExec(db, cmd);
                    }else{
                        return MYSQLITE3_OK;
                    }
                }
            }else{
                return MYSQLITE3_DELETE_FAIL;
            }
        }
     }
}
///user operate
int apiUsrMgnt_userIsExist(sqlite3 *db,HisomeUser *user){
    int rc=0; 
    char cmd[HISOME_LEN_8192]={'\0'};
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    sprintf(cmd,"select userName from %s where userName=\"%s\";",USERMGNT_USERS_TBL,user->userName);
    rc = sqlite3_get_table(db,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
        sqlite3_free(errMsg);
        return EXISTED;
    }else{
        if(qResult)sqlite3_free_table(qResult);
        if(rows>0)
            return EXISTED;
        else
            return NOT_EXIST;
    }
}
int apiUsrMgnt_userAdd(sqlite3 *db,HisomeUser *loginUser,HisomeUser *user){
    if(user == NULL ||  user->group.groupName==NULL  ||  user->userName==NULL){
        PRTLOG_ERR("user or group->groupName or user->userName is null");
        return -1;
    }else{
        if((NOT_EXIST == apiUsrMgnt_groupIsExist(db,&user->group) || EXISTED == apiUsrMgnt_userIsExist(db,user))){
            PRTLOG_ERR("group  is not exist or user has existed");
           return -2;     
        }else{
                char cmd[HISOME_LEN_8192]={'\0'};
                sprintf(cmd,"insert into %s values(\"%s\",\"%s\",\"%s\","\
                "\"%s\",\"%s\",%d,%d,%d,%d,"\
                "%d,%d,%d,%d,"\
                "%d,%d,%d,%d,"\
                "%d,%d,%d,\"%s\",\"%s\",\"%s\",%d,\"%s\");",
                USERMGNT_USERS_TBL,user->userName,user->group.groupName,user->userTextPWD,
                user->user9CellPWD,user->userAccess.channels,user->userAccess.preview,user->userAccess.replay,user->userAccess.userMgnt,user->userAccess.PTZ,
                user->userAccess.storeMgnt,user->userAccess.sysCfg,user->userAccess.eventCfg,user->userAccess.networkCfg,
                user->userAccess.defaultUpgrade,user->userAccess.fileBackup,user->userAccess.ipcCfg,user->userAccess.sysInfo,
                user->userAccess.otherCfg,user->errLoginNum,user->lockTime,user->protectAnswer1,user->protectAnswer2,user->protectAnswer3,user->actived,user->remarks);
                int rc= db_generalExec(db, cmd);
                if(rc ==MYSQLITE3_OK){
                    if(loginUser == NULL){
                            PRTLOG_DBG("default add the user:%s",user->userName);
                    }else{
                            PRTLOG_DBG("userID:%d user:%s add the user:%s",loginUser->userID,loginUser->userName,user->userName);
                    }
                }
                return rc;
        }
     }
}
int apiUsrMgnt_userDelete(sqlite3 *db,HisomeUser *loginUser,HisomeUser *user){
    if(user == NULL ||  user->group.groupName==NULL  ||  user->userName==NULL){
        PRTLOG_ERR("user or group->groupName or user->userName is null");
        return -1;
    }else{
        if(NOT_EXIST == apiUsrMgnt_userIsExist(db,user)){
            PRTLOG_ERR("user:%s  is not exist",user->userName);
            return MYSQLITE3_OK;     
        }else{
            char cmd[HISOME_LEN_8192]={'\0'};
            sprintf(cmd,"delete from \"%s\"  where userName=\"%s\";",USERMGNT_USERS_TBL,user->userName);
            int rc= db_generalExec(db, cmd);
            if(rc != MYSQLITE3_OK){
                PRTLOG_ERR("userID:%d user:%s delete the user:%s",loginUser->userID,loginUser->userName,user->userName);
            }
            return rc;
        }
     }


}

//on_LINE users operate


HisomeUser * apiUsrMgnt_findOn_LINEUser(int userID){
    int i;
    for(i=0;i<MAX_ONLINE_USERNUM;i++){
        if(g_loginUsers[i].userID == userID){
            if(g_loginUsers[i].userID != 20192020){
                int cu = time(0);
                if(cu - g_loginUsers[i].lastOperateTime > 10*60){
                    memset(&g_loginUsers[i],0,sizeof(g_loginUsers[i]));
                    return NULL;
                }else{
                    g_loginUsers[i].lastOperateTime = cu;
                    return &g_loginUsers[i];
                }
            }else{
                return &g_loginUsers[i];
            }
            
        }
    }
    return NULL;
}
void apiUsrMgnt_deleteOn_LINEUser(int userID){
    int i;
    for(i=0;i<MAX_ONLINE_USERNUM;i++){
        if(g_loginUsers[i].userID == userID){
            memset(&g_loginUsers[i],0,sizeof(g_loginUsers[i]));
        }
    }
}
int  usrMgnt_addOnineUser(HisomeUser *user){
    int i;
    for(i=0;i<MAX_ONLINE_USERNUM;i++){
        if(g_loginUsers[i].userID == 0){
            memcpy(&g_loginUsers[i],user,sizeof(HisomeUser));
            return 0;
        }
    }
    PRTLOG_ERR("%s login fail beause on_LINE users had upto MAX:64!",user->userName);
    return -1;
}


void apiUsrMgnt_POST_Login(void *data)
{
    HisomeUser recUser;
    int login_Fail=0;
    char errReason[HISOME_LEN_512]={'\0'};
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    char userName[HISOME_LEN_256]={'\0'};
    char userPWD[HISOME_LEN_256]={'\0'};
    cJSON *root;
    root=cJSON_Parse(req->httpReq.hm->body.p);
	if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        login_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        char value[HISOME_LEN_1024];
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userName");if(value != NULL)strcpy(userName,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userTextPWD");if(value != NULL)strcpy(userPWD,value);
        cJSON_Delete(root);
	}
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    int rc =0;
    char cmd[HISOME_LEN_2048]={'\0'};
    sprintf(cmd,"select * from %s where userName=\"%s\"",USERMGNT_USERS_TBL,userName);
    rc = sqlite3_get_table(g_userMgntDb,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
        sqlite3_free(errMsg);
        sprintf(errReason,"登录用户:%s 不存在",userName);
        login_Fail=1;
    }else{
        int j;
        for(j=0;j<columns;j++){
            if(!strcmp(qResult[j],"userName"))
                strcpy(recUser.userName,qResult[columns+j]);
            else if(!strcmp(qResult[j],"groupName"))
                strcpy(recUser.group.groupName,qResult[columns+j]);   
            else if(!strcmp(qResult[j],"userTextPWD"))
                strcpy(recUser.userTextPWD,qResult[columns+j]);    
            else if(!strcmp(qResult[j],"user9CellPWD"))
                strcpy(recUser.user9CellPWD,qResult[columns+j]);   
            else if(!strcmp(qResult[j],"channels"))
                strcpy(recUser.userAccess.channels,qResult[columns+j]);     
            else if(!strcmp(qResult[j],"preview"))
                recUser.userAccess.preview=atoi(qResult[columns+j]);  
            else if(!strcmp(qResult[j],"replay"))
                recUser.userAccess.replay=atoi(qResult[columns+j]);   
            else if(!strcmp(qResult[j],"userMgnt"))
                recUser.userAccess.userMgnt=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"PTZ"))
                recUser.userAccess.PTZ=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"storeMgnt"))
                recUser.userAccess.storeMgnt=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"sysCfg"))
                recUser.userAccess.sysCfg=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"eventCfg"))
                recUser.userAccess.eventCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"networkCfg"))
                recUser.userAccess.networkCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"defaultUpgrade"))
                recUser.userAccess.defaultUpgrade=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"fileBackup"))
                recUser.userAccess.fileBackup=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"ipcCfg"))
                recUser.userAccess.ipcCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"sysInfo"))
                recUser.userAccess.sysInfo=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"otherCfg"))
                recUser.userAccess.otherCfg=atoi(qResult[columns+j]);   
            else if(!strcmp(qResult[j],"errLoginNum"))
                recUser.errLoginNum=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"lockTime"))
                recUser.lockTime=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"protectAnswer1"))
                strcpy(recUser.protectAnswer1,qResult[columns+j]);     
            else if(!strcmp(qResult[j],"protectAnswer1"))
                strcpy(recUser.protectAnswer1,qResult[columns+j]);     
            else if(!strcmp(qResult[j],"protectAnswer2"))
                strcpy(recUser.protectAnswer2,qResult[columns+j]);     
            else if(!strcmp(qResult[j],"protectAnswer3"))
                strcpy(recUser.protectAnswer3,qResult[columns+j]);  
            else if(!strcmp(qResult[j],"actived"))
                recUser.actived=atoi(qResult[columns+j]);        
        }
       if(qResult)sqlite3_free_table(qResult);
    }
    memset(cmd,0,sizeof(cmd));
    sprintf(cmd,"select * from %s where groupName=\"%s\"",USERMGNT_GROUPS_TBL,recUser.group.groupName);
    rc = sqlite3_get_table(g_userMgntDb,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_GROUPS_TBL,errMsg);
        sqlite3_free(errMsg);
        login_Fail=1;
        sprintf(errReason,"用户组：%s 已删除，族信息获取失败",recUser.group.groupName);
    }else{
        int j;
        for(j=0;j<columns;j++){
            if(!strcmp(qResult[j],"channels"))
                strcpy(recUser.group.groupAccess.channels,qResult[columns+j]);     
            else if(!strcmp(qResult[j],"preview"))
                recUser.group.groupAccess.preview=atoi(qResult[columns+j]);  
            else if(!strcmp(qResult[j],"replay"))
                recUser.group.groupAccess.replay=atoi(qResult[columns+j]); 
            else if(!strcmp(qResult[j],"userMgnt"))
                recUser.group.groupAccess.userMgnt=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"PTZ"))
                recUser.group.groupAccess.PTZ=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"storeMgnt"))
                recUser.group.groupAccess.storeMgnt=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"sysCfg"))
                recUser.group.groupAccess.sysCfg=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"eventCfg"))
                recUser.group.groupAccess.eventCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"networkCfg"))
                recUser.group.groupAccess.networkCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"defaultUpgrade"))
                recUser.group.groupAccess.defaultUpgrade=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"fileBackup"))
                recUser.group.groupAccess.fileBackup=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"ipcCfg"))
                recUser.group.groupAccess.ipcCfg=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"sysInfo"))
                recUser.group.groupAccess.sysInfo=atoi(qResult[columns+j]);     
            else if(!strcmp(qResult[j],"otherCfg"))
                recUser.group.groupAccess.otherCfg=atoi(qResult[columns+j]);    
            else if(!strcmp(qResult[j],"remarks"))
                strcpy(recUser.group.remarks,qResult[columns+j]);          
        }
        if(qResult)sqlite3_free_table(qResult);
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    if(strcmp(userPWD,recUser.userTextPWD)){
        recUser.errLoginNum++;
        sprintf(errReason,"用户名或密码不正确,%d次后账户锁定",5-recUser.errLoginNum);
        login_Fail=1;
    }else{
        if(recUser.errLoginNum >=5 ){
        int cu=time(0);
        if(recUser.lockTime + USERLOGIN_LOCKTIME < cu)
                login_Fail=0;
            else{
                login_Fail=1;
                sprintf(errReason,"user:%s lock %d minutes",recUser.userName,(recUser.lockTime+USERLOGIN_LOCKTIME-cu)/60);
            }
        }else{
            login_Fail=0;
        }
    }
    

    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    char upCmd[HISOME_LEN_512]={'\0'};
    if(login_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(recUser.errLoginNum >=5){
            recUser.errLoginNum=5;
            recUser.lockTime = time(0);
            sprintf(upCmd,"UPDATE %s set  errLoginNum=%d,lockTime=%d where userName=\"%s\" and groupName=\"%s\";",USERMGNT_USERS_TBL,recUser.errLoginNum,recUser.lockTime,recUser.userName,recUser.group.groupName);
        }else{
            sprintf(upCmd,"UPDATE %s set  errLoginNum=%d  where userName=\"%s\" and groupName=\"%s\";",USERMGNT_USERS_TBL,recUser.errLoginNum,recUser.userName,recUser.group.groupName);
        }
        if(MYSQLITE3_OK !=  db_generalExec(g_userMgntDb,upCmd)){
            PRTLOG_DBG("exec %s fail",upCmd);
        }
        cJSON_AddNumberToObject(rspData,"errLoginNum",recUser.errLoginNum);
        cJSON_AddNumberToObject(rspData,"lock",30);
        cJSON_AddStringToObject(rspData,"reason",errReason);
        //apiOperateLog_WriteLog(recUser.group.groupName,recUser.userName,req->urlmap.ip,"登录失败",LOG_USRMGNT_TYPE);
    }else{
        // srandom(time(0));
        // recUser.userID = random()%20191016;
        // srandom(time(0));
        // recUser.userID = time(0);
        tiny_get_unique_id(&recUser.userID);
        if(recUser.userID == 20192002)
            recUser.userID++;
        recUser.loginTime = time(0);
        recUser.lastOperateTime=recUser.loginTime;
        sprintf(recUser.loginIP,"%s",req->urlmap.ip);

        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddNumberToObject(rspData,"userID",recUser.userID);
        cJSON_AddStringToObject(rspData,"userName",recUser.userName);
        cJSON_AddStringToObject(rspData,"groupName",recUser.group.groupName);
        cJSON_AddStringToObject(rspData,"channels",recUser.userAccess.channels);
        cJSON_AddNumberToObject(rspData,"preview",recUser.userAccess.preview);
        cJSON_AddNumberToObject(rspData,"replay",recUser.userAccess.replay);
        cJSON_AddNumberToObject(rspData,"userMgnt",recUser.userAccess.userMgnt);
        cJSON_AddNumberToObject(rspData,"PTZ",recUser.userAccess.PTZ);
        cJSON_AddNumberToObject(rspData,"storeMgnt",recUser.userAccess.storeMgnt);
        cJSON_AddNumberToObject(rspData,"sysCfg",recUser.userAccess.sysCfg);
        cJSON_AddNumberToObject(rspData,"eventCfg",recUser.userAccess.eventCfg);
        cJSON_AddNumberToObject(rspData,"networkCfg",recUser.userAccess.networkCfg);
        cJSON_AddNumberToObject(rspData,"defaultUpgrade",recUser.userAccess.defaultUpgrade);
        cJSON_AddNumberToObject(rspData,"fileBackup",recUser.userAccess.fileBackup);
        cJSON_AddNumberToObject(rspData,"ipcCfg",recUser.userAccess.ipcCfg);
        cJSON_AddNumberToObject(rspData,"sysInfo",recUser.userAccess.sysInfo);
        cJSON_AddNumberToObject(rspData,"otherCfg",recUser.userAccess.otherCfg);
        // cJSON_AddNumberToObject(rspData,"actived",recUser.actived);
        cJSON_AddNumberToObject(rspData,"actived",recUser.actived);
        //apiOperateLog_WriteLog(recUser.group.groupName,recUser.userName,req->urlmap.ip,"登录成功",LOG_USRMGNT_TYPE);
    
        sprintf(upCmd,"UPDATE %s set  errLoginNum=0,lockTime=0 where userName=\"%s\" and groupName=\"%s\";",USERMGNT_USERS_TBL,recUser.userName,recUser.group.groupName);
        if(MYSQLITE3_OK != db_generalExec(g_userMgntDb,upCmd)){
            PRTLOG_DBG("exec %s fail",upCmd);
        }
        recUser.lastOperateTime = time(0);
        usrMgnt_addOnineUser(&recUser);
    }
    cJSON_AddItemToArray(rsp,rspHeader);
    cJSON_AddItemToArray(rspArr,rspData);
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);	
}

void apiUsrMgnt_DELETE_Logout(void *data)
{
    HisomeUser *recUser=NULL;
    int logout_Fail=0;
    int ID_Fail=0;
	int userID=0;
    char errReason[HISOME_LEN_512]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root;
    root=cJSON_Parse(req->httpReq.hm->body.p);
	if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        logout_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
		cJSON_Delete(root);
	}
	recUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(recUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        logout_Fail=1;
        ID_Fail=1;
    }
	cJSON *rsp,*rspHeader,*rspArr,*rspData;
	rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(logout_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"退出登录失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"退出登录成功",LOG_USRMGNT_TYPE);
        apiUsrMgnt_deleteOn_LINEUser(userID);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
	com_httpPack(req->httpReq.nc,rsp);
    
    cJSON_Delete(rsp);	
}

void apiUsrMgnt_userid_keepalive(void *data)
{
    HisomeUser *recUser=NULL;
    int logout_Fail=0;
    int ID_Fail=0;
	int userID=0;
    char errReason[HISOME_LEN_512]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root;
    root=cJSON_Parse(req->httpReq.hm->body.p);
	if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        logout_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
		cJSON_Delete(root);
	}
	recUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(recUser == NULL){
        sprintf(errReason,"没有此用户");
        logout_Fail=1;
        ID_Fail=1;
    }else{
        recUser->lastOperateTime = time(0);
    }

	cJSON *rsp,*rspHeader,*rspArr,*rspData;
	rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(logout_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddItemToArray(rsp,rspHeader);
    }
	com_httpPack(req->httpReq.nc,rsp);
    
    cJSON_Delete(rsp);	
}



void apiUsrMgnt_QUERY_userMsg(void *data)
{
    HisomeUser *loginUser;
    int usrMsg_Fail=0;
    char errReason[HISOME_LEN_512]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    int userID=-1;
    int usrMgntType=-1;
    cJSON *root;
    int i,j;
    root=cJSON_Parse(req->httpReq.hm->body.p);
	if (!root) {
        usrMsg_Fail=1;
        sprintf(errReason,"Recv Data is Wrong");
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        char value[HISOME_LEN_1024];
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userID");if(value != NULL)userID=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"type");
        if(value != NULL){
            if(!strcmp(value,"users")){
                 usrMgntType=1;   
            }else if(!strcmp(value,"groups")){
                usrMgntType=0;   
            }
        }else{
            usrMgntType=1;
        }
        cJSON_Delete(root);
    }
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        usrMsg_Fail=1;
    }else{
        if(loginUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            usrMsg_Fail=1;
        }
    }
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    int rc =0;
    char cmd[HISOME_LEN_2048]={'\0'};
    void *usrMgntData=NULL;
    if(usrMgntType == 1){
        sprintf(cmd,"select * from %s ;",USERMGNT_USERS_TBL);
    }else if(usrMgntType == 0){
        sprintf(cmd,"select * from %s ;",USERMGNT_GROUPS_TBL);
    }else{
        usrMsg_Fail=1;
        sprintf(errReason,"获取信息类型不支持");
    }
    if(usrMsg_Fail==0){
        rc = sqlite3_get_table(g_userMgntDb,cmd,&qResult,&rows,&columns,&errMsg);
        if(rc != SQLITE_OK){
            PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
            sqlite3_free(errMsg);
            usrMsg_Fail=1;
            sprintf(errReason,"信息获取失败");
        }else{
             if(usrMgntType==1){
                usrMgntData = (HisomeUser *)malloc(sizeof(HisomeUser)*rows);
                memset(usrMgntData,0,sizeof(HisomeUser)*rows);
                HisomeUser * usrUsers=(HisomeUser *)usrMgntData;
                for(i=0;i<rows;i++){
                    for(j=0;j<columns;j++){
                        if(!strcmp(qResult[j],"userName")){
                            strcpy(usrUsers[i].userName,qResult[columns*(i+1)+j]);
                        }else if(!strcmp(qResult[j],"groupName"))
                            strcpy(usrUsers[i].group.groupName,qResult[columns*(i+1)+j]);   
                        else if(!strcmp(qResult[j],"userTextPWD"))
                            strcpy(usrUsers[i].userTextPWD,qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"user9CellPWD"))
                            strcpy(usrUsers[i].user9CellPWD,qResult[columns*(i+1)+j]);   
                        else if(!strcmp(qResult[j],"channels"))
                            strcpy(usrUsers[i].userAccess.channels,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"preview"))
                            usrUsers[i].userAccess.preview=atoi(qResult[columns*(i+1)+j]);  
                        else if(!strcmp(qResult[j],"replay"))
                            usrUsers[i].userAccess.replay=atoi(qResult[columns*(i+1)+j]);  
                        else if(!strcmp(qResult[j],"userMgnt"))
                            usrUsers[i].userAccess.userMgnt=atoi(qResult[columns*(i+1)+j]);   
                        else if(!strcmp(qResult[j],"PTZ"))
                            usrUsers[i].userAccess.PTZ=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"storeMgnt"))
                            usrUsers[i].userAccess.storeMgnt=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"sysCfg"))
                            usrUsers[i].userAccess.sysCfg=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"eventCfg"))
                            usrUsers[i].userAccess.eventCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"networkCfg"))
                            usrUsers[i].userAccess.networkCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"defaultUpgrade"))
                            usrUsers[i].userAccess.defaultUpgrade=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"fileBackup"))
                            usrUsers[i].userAccess.fileBackup=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"ipcCfg"))
                            usrUsers[i].userAccess.ipcCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"sysInfo"))
                            usrUsers[i].userAccess.sysInfo=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"otherCfg"))
                            usrUsers[i].userAccess.otherCfg=atoi(qResult[columns*(i+1)+j]);   
                        else if(!strcmp(qResult[j],"errLoginNum"))
                            usrUsers[i].errLoginNum=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"lockTime"))
                            usrUsers[i].lockTime=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"protectAnswer1"))
                            strcpy(usrUsers[i].protectAnswer1,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"protectAnswer1"))
                            strcpy(usrUsers[i].protectAnswer1,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"protectAnswer2"))
                            strcpy(usrUsers[i].protectAnswer2,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"protectAnswer3"))
                            strcpy(usrUsers[i].protectAnswer3,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"remarks"))
                            strcpy(usrUsers[i].remarks,qResult[columns*(i+1)+j]);  
                        else if(!strcmp(qResult[j],"actived"))
                            usrUsers[i].actived=atoi(qResult[columns*(i+1)+j]);  
                    }
                }
             }else if(usrMgntType==0){
                usrMgntData = (HisomeGroup *)malloc(sizeof(HisomeGroup)*rows);
                memset(usrMgntData,0,sizeof(HisomeGroup)*rows);
                HisomeGroup * usrGroups=(HisomeGroup *)usrMgntData;
                for(i=0;i<rows;i++){
                    for(j=0;j<columns;j++){
                        if(!strcmp(qResult[j],"groupName"))
                            strcpy(usrGroups[i].groupName,qResult[columns*(i+1)+j]);
                        else if(!strcmp(qResult[j],"channels"))
                            strcpy(usrGroups[i].groupAccess.channels,qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"preview"))
                            usrGroups[i].groupAccess.preview=atoi(qResult[columns*(i+1)+j]);  
                        else if(!strcmp(qResult[j],"replay"))
                            usrGroups[i].groupAccess.replay=atoi(qResult[columns*(i+1)+j]); 
                        else if(!strcmp(qResult[j],"userMgnt"))
                            usrGroups[i].groupAccess.userMgnt=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"PTZ"))
                            usrGroups[i].groupAccess.PTZ=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"storeMgnt"))
                            usrGroups[i].groupAccess.storeMgnt=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"sysCfg"))
                            usrGroups[i].groupAccess.sysCfg=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"eventCfg"))
                            usrGroups[i].groupAccess.eventCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"networkCfg"))
                            usrGroups[i].groupAccess.networkCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"defaultUpgrade"))
                            usrGroups[i].groupAccess.defaultUpgrade=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"fileBackup"))
                            usrGroups[i].groupAccess.fileBackup=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"ipcCfg"))
                            usrGroups[i].groupAccess.ipcCfg=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"sysInfo"))
                            usrGroups[i].groupAccess.sysInfo=atoi(qResult[columns*(i+1)+j]);     
                        else if(!strcmp(qResult[j],"otherCfg"))
                            usrGroups[i].groupAccess.otherCfg=atoi(qResult[columns*(i+1)+j]);    
                        else if(!strcmp(qResult[j],"remarks"))
                            strcpy(usrGroups[i].remarks,qResult[columns*(i+1)+j]);      
                    }
                }
             }
             if(qResult)sqlite3_free_table(qResult);
        }
    }
    cJSON *rsp,*rspHeader,*rspArr;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    if(usrMsg_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","QUERY");
        cJSON_AddItemToArray(rsp,rspHeader);
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON *rspData = cJSON_CreateObject();
        cJSON_AddStringToObject(rspData,"reason",errReason);
        cJSON_AddItemToArray(rspArr,rspData);
        if(loginUser!=NULL){
            if(usrMgntType == 1)
                if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"获取用户列表失败",LOG_USRMGNT_TYPE);
            if(usrMgntType == 0)
                if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"获取用户组列表失败",LOG_USRMGNT_TYPE);
        }
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","QUERY");
        cJSON_AddItemToArray(rsp,rspHeader);
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        for(i=0;i<rows;i++){
            cJSON *rspData = cJSON_CreateObject();
            if(usrMgntType == 1){
                HisomeUser * usrUsers=(HisomeUser *)usrMgntData;
                cJSON_AddStringToObject(rspData,"userName",usrUsers[i].userName);
                cJSON_AddStringToObject(rspData,"groupName",usrUsers[i].group.groupName);
                cJSON_AddStringToObject(rspData,"channels",usrUsers[i].userAccess.channels);
                cJSON_AddNumberToObject(rspData,"preview",usrUsers[i].userAccess.preview);
                cJSON_AddNumberToObject(rspData,"replay",usrUsers[i].userAccess.replay);
                cJSON_AddNumberToObject(rspData,"userMgnt",usrUsers[i].userAccess.userMgnt);
                cJSON_AddNumberToObject(rspData,"PTZ",usrUsers[i].userAccess.PTZ);
                cJSON_AddNumberToObject(rspData,"storeMgnt",usrUsers[i].userAccess.storeMgnt);
                cJSON_AddNumberToObject(rspData,"sysCfg",usrUsers[i].userAccess.sysCfg);
                cJSON_AddNumberToObject(rspData,"eventCfg",usrUsers[i].userAccess.eventCfg);
                cJSON_AddNumberToObject(rspData,"networkCfg",usrUsers[i].userAccess.networkCfg);
                cJSON_AddNumberToObject(rspData,"defaultUpgrade",usrUsers[i].userAccess.defaultUpgrade);
                cJSON_AddNumberToObject(rspData,"fileBackup",usrUsers[i].userAccess.fileBackup);
                cJSON_AddNumberToObject(rspData,"ipcCfg",usrUsers[i].userAccess.ipcCfg);
                cJSON_AddNumberToObject(rspData,"sysInfo",usrUsers[i].userAccess.sysInfo);
                cJSON_AddNumberToObject(rspData,"otherCfg",usrUsers[i].userAccess.otherCfg);
                cJSON_AddNumberToObject(rspData,"actived",usrUsers[i].actived);
                cJSON_AddStringToObject(rspData,"remarks",usrUsers[i].remarks);
            }else if(usrMgntType == 0){
                HisomeGroup * usrGroups=(HisomeGroup *)usrMgntData;
                cJSON_AddStringToObject(rspData,"groupName",usrGroups[i].groupName);
                cJSON_AddStringToObject(rspData,"channels",usrGroups[i].groupAccess.channels);
                cJSON_AddNumberToObject(rspData,"preview",usrGroups[i].groupAccess.preview);
                cJSON_AddNumberToObject(rspData,"replay",usrGroups[i].groupAccess.replay);
                cJSON_AddNumberToObject(rspData,"userMgnt",usrGroups[i].groupAccess.userMgnt);
                cJSON_AddNumberToObject(rspData,"PTZ",usrGroups[i].groupAccess.PTZ);
                cJSON_AddNumberToObject(rspData,"storeMgnt",usrGroups[i].groupAccess.storeMgnt);
                cJSON_AddNumberToObject(rspData,"sysCfg",usrGroups[i].groupAccess.sysCfg);
                cJSON_AddNumberToObject(rspData,"eventCfg",usrGroups[i].groupAccess.eventCfg);
                cJSON_AddNumberToObject(rspData,"networkCfg",usrGroups[i].groupAccess.networkCfg);
                cJSON_AddNumberToObject(rspData,"defaultUpgrade",usrGroups[i].groupAccess.defaultUpgrade);
                cJSON_AddNumberToObject(rspData,"fileBackup",usrGroups[i].groupAccess.fileBackup);
                cJSON_AddNumberToObject(rspData,"ipcCfg",usrGroups[i].groupAccess.ipcCfg);
                cJSON_AddNumberToObject(rspData,"sysInfo",usrGroups[i].groupAccess.sysInfo);
                cJSON_AddNumberToObject(rspData,"otherCfg",usrGroups[i].groupAccess.otherCfg);
                cJSON_AddStringToObject(rspData,"remarks",usrGroups[i].remarks);
            }
            cJSON_AddItemToArray(rspArr,rspData);
        }
    }
    if(usrMgntData != NULL)free(usrMgntData);
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);	
}

void apiUsrMgnt_POST_groupAdd(void *data)
{
    HisomeUser *recUser=NULL;
    HisomeGroup group;
    int add_Fail=0;
    int userID=0;
    int rc;
    char errReason[HISOME_LEN_512]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        add_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"groupName")))
            strcpy(group.groupName,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"channels")))
            strcpy(group.groupAccess.channels,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"preview")))
           group.groupAccess.preview=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"replay")))
           group.groupAccess.replay=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"userMgnt")))
           group.groupAccess.userMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"PTZ")))
           group.groupAccess.PTZ=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"storeMgnt")))
           group.groupAccess.storeMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysCfg")))
           group.groupAccess.sysCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"eventCfg")))
           group.groupAccess.eventCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"networkCfg")))
           group.groupAccess.networkCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"defaultUpgrade")))
           group.groupAccess.defaultUpgrade=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"fileBackup")))
           group.groupAccess.fileBackup=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"ipcCfg")))
           group.groupAccess.ipcCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysInfo")))
           group.groupAccess.sysInfo=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"otherCfg")))
           group.groupAccess.otherCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"remarks")))
            strcpy(group.remarks,test->valuestring);
		cJSON_Delete(root);
	}
    recUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(recUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        add_Fail=1;
    }else{
        if(recUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            add_Fail=1;
        }else{
            rc=apiUsrMgnt_groupAdd(g_userMgntDb,&group);
            if(rc!=MYSQLITE3_OK){
                sprintf(errReason,"组名已存在，添加失败");
                add_Fail=1;
            }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(add_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(recUser!=NULL){}
            ////apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"添加组失败",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"添加组成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}

void apiUsrMgnt_DELETE_groupDelete(void *data)
{
    HisomeUser *recUser=NULL;
    HisomeGroup group;
    int delete_Fail=0,ID_Fail=0;
    int userID=0;
    int rc;
    char errReason[HISOME_LEN_512]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        delete_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"groupName")))
            strcpy(group.groupName,cJSON_GetObjectItem(root,"groupName")->valuestring);
        else{
            sprintf(errReason,"请输入要删除的组名");
            delete_Fail=1;
        }
		cJSON_Delete(root);
	}
    recUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(recUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        ID_Fail=1;
        delete_Fail=1;
    }else{
        if(recUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            delete_Fail=1;
        }else{
                rc=apiUsrMgnt_groupDelete(g_userMgntDb,&group);
                if(rc!=MYSQLITE3_OK){
                    sprintf(errReason,"删除组%s失败!",group.groupName);
                    delete_Fail=1;
                }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(delete_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"删除组失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"删除组成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}

void apiUsrMgnt_POST_groupModify(void *data)
{
    HisomeUser *recUser=NULL;
    HisomeGroup group;
    int modify_Fail=0;
    int userID=0;
    int rc;
    char errReason[HISOME_LEN_512]={'\0'};
    char newgroupName[HISOME_LEN_128]={'\0'};
    char cmd[4096]={'\0'};
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        modify_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"oldgroupName")))
            strcpy(group.groupName,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"newgroupName")))
            strcpy(newgroupName,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"channels")))
            strcpy(group.groupAccess.channels,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"preview")))
            group.groupAccess.preview=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"replay")))    
            group.groupAccess.replay=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"userMgnt"))) 
            group.groupAccess.userMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"PTZ"))) 
            group.groupAccess.PTZ=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"storeMgnt"))) 
            group.groupAccess.storeMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysCfg"))) 
            group.groupAccess.sysCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"eventCfg"))) 
            group.groupAccess.eventCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"networkCfg"))) 
            group.groupAccess.networkCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"defaultUpgrade"))) 
            group.groupAccess.defaultUpgrade=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"fileBackup"))) 
            group.groupAccess.fileBackup=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"ipcCfg"))) 
            group.groupAccess.ipcCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysInfo"))) 
            group.groupAccess.sysInfo=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"otherCfg"))) 
            group.groupAccess.otherCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"remarks"))) 
            strcpy(group.remarks,test->valuestring);
		cJSON_Delete(root);
	}
    recUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(recUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        modify_Fail=1;
    }else{
        if(recUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            modify_Fail=1;
        }else{
            sprintf(cmd,"update \"%s\" set groupName=\"%s\",channels=\"%s\",preview=%d,replay=%d,PTZ=%d,"\
            "storeMgnt=%d,sysCfg=%d,eventCfg=%d,networkCfg=%d,"\
            "defaultUpgrade=%d,fileBackup=%d,ipcCfg=%d,sysInfo=%d,"\
            "otherCfg=%d,remarks=\"%s\"  where groupName=\"%s\";",
            USERMGNT_GROUPS_TBL,newgroupName,group.groupAccess.channels,group.groupAccess.preview,group.groupAccess.replay,group.groupAccess.PTZ,
            group.groupAccess.storeMgnt,group.groupAccess.sysCfg,group.groupAccess.eventCfg,group.groupAccess.networkCfg,
            group.groupAccess.defaultUpgrade,group.groupAccess.fileBackup,group.groupAccess.ipcCfg,group.groupAccess.sysInfo,
            group.groupAccess.otherCfg,group.remarks,group.groupName);
            rc=db_generalExec(g_userMgntDb,cmd);
            if(rc!=MYSQLITE3_OK){
                sprintf(errReason,"修改的组名不存在，修改失败");
                modify_Fail=1;
            }
            memset(cmd,0,sizeof(cmd));
            sprintf(cmd,"update \"%s\" set groupName=\"%s\",channels=\"%s\",preview=%d,replay=%d,PTZ=%d,"\
            "storeMgnt=%d,sysCfg=%d,eventCfg=%d,networkCfg=%d,"\
            "defaultUpgrade=%d,fileBackup=%d,ipcCfg=%d,sysInfo=%d,"\
            "otherCfg=%d  where groupName=\"%s\";",
            USERMGNT_USERS_TBL,newgroupName,group.groupAccess.channels,group.groupAccess.preview,group.groupAccess.replay,group.groupAccess.PTZ,
            group.groupAccess.storeMgnt,group.groupAccess.sysCfg,group.groupAccess.eventCfg,group.groupAccess.networkCfg,
            group.groupAccess.defaultUpgrade,group.groupAccess.fileBackup,group.groupAccess.ipcCfg,group.groupAccess.sysInfo,
            group.groupAccess.otherCfg,group.groupName);
            rc=db_generalExec(g_userMgntDb,cmd);
            if(rc!=MYSQLITE3_OK){
                sprintf(errReason,"修改的组名不存在，修改失败");
                modify_Fail=1;
            }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(modify_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(recUser!=NULL){}
            //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"组权限修改失败",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        //apiOperateLog_WriteLog(recUser->group.groupName,recUser->userName,req->urlmap.ip,"组权限修改成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}



void apiUsrMgnt_POST_userAdd(void *data)
{
    HisomeUser recUser,*loginUser=NULL;
    int add_Fail=0,ID_Fail=0;
    int rc;
    int userID=0;
    char errReason[HISOME_LEN_512]={'\0'};
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        add_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        char value[HISOME_LEN_1024];
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userName");if(value != NULL)strcpy(recUser.userName,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userID");if(value != NULL)userID=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userTextPWD");if(value != NULL)strcpy(recUser.userTextPWD,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"groupName");if(value != NULL)strcpy(recUser.group.groupName,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"user9CellPWD");if(value != NULL)strcpy(recUser.user9CellPWD,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"channels");if(value != NULL)strcpy(recUser.userAccess.channels,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"preview");if(value != NULL)recUser.userAccess.preview=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"replay");if(value != NULL)recUser.userAccess.replay=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"userMgnt");if(value != NULL)recUser.userAccess.userMgnt=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"PTZ");if(value != NULL)recUser.userAccess.PTZ=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"storeMgnt");if(value != NULL)recUser.userAccess.storeMgnt=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"sysCfg");if(value != NULL)recUser.userAccess.sysCfg=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"eventCfg");if(value != NULL)recUser.userAccess.eventCfg=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"networkCfg");if(value != NULL)recUser.userAccess.networkCfg=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"defaultUpgrade");if(value != NULL)recUser.userAccess.defaultUpgrade=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"fileBackup");if(value != NULL)recUser.userAccess.fileBackup=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"ipcCfg");if(value != NULL)recUser.userAccess.ipcCfg=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"sysInfo");if(value != NULL)recUser.userAccess.sysInfo=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"otherCfg");if(value != NULL)recUser.userAccess.otherCfg=atoi(value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"protectAnswer1");if(value != NULL)strcpy(recUser.protectAnswer1,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"protectAnswer2");if(value != NULL)strcpy(recUser.protectAnswer2,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"protectAnswer3");if(value != NULL)strcpy(recUser.protectAnswer3,value);
        cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"remarks");if(value != NULL)strcpy(recUser.remarks,value);
        // cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"errLoginNum");if(value != NULL)recUser.errLoginNum=atoi(value);
        // cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"lockTime");if(value != NULL)recUser.lockTime=atoi(value);
        // cJSON_GetObjectValue(value,HISOME_LEN_1024,root,"actived");if(value != NULL)recUser.actived=atoi(value);
		cJSON_Delete(root);
	}
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser== NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        add_Fail=1;
        ID_Fail=1;
    }else{
        if(loginUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            add_Fail=1;
        }else{
            rc=apiUsrMgnt_userAdd(g_userMgntDb,loginUser,&recUser);
            if(rc!=MYSQLITE3_OK){
                sprintf(errReason,"组不存在或用户名已存在");
                add_Fail=1;
            }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(add_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"添加用户失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"添加用户成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }

    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}



void apiUsrMgnt_DELETE_userDelete(void *data)
{
    HisomeUser recUser,*loginUser=NULL;
    int delete_Fail=0,ID_Fail=0;
    int rc;
    int userID=0;
    char errReason[HISOME_LEN_512]={'\0'};
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        delete_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        if(NULL!=(test=cJSON_GetObjectItem(root,"userName")))
            strcpy(recUser.userName,test->valuestring);
        else{
            sprintf(errReason,"请输入要删除的用户名称");
            delete_Fail=1;
        }
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        cJSON_Delete(root);
    }
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser== NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        delete_Fail=1;
        ID_Fail=1;
    }else{
        if(loginUser->userAccess.userMgnt==0){
            sprintf(errReason,"操作权限受限，操作失败");
            delete_Fail=1;
        }else{
                rc=apiUsrMgnt_userDelete(g_userMgntDb,loginUser,&recUser);
                if(rc!=MYSQLITE3_OK){
                    sprintf(errReason,"用户已删除存在，请勿重复操作");
                    delete_Fail=1;
                }
             
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(delete_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"删除用户失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"删除用户成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);   
}

void apiUsrMgnt_POST_userModify(void *data)
{
    HisomeUser recUser,*loginUser=NULL;
    int modify_Fail=0,ID_Fail=0;
    int userID=0;
    int rc;
    char errReason[HISOME_LEN_512]={'\0'};
    char newuserPWD[HISOME_LEN_256]={'\0'};
    char olduserPWD[HISOME_LEN_256]={'\0'};
    char cmd[4096]={'\0'};
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        modify_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        if(NULL!=(test=cJSON_GetObjectItem(root,"userName")))
            strcpy(recUser.userName,test->valuestring);
        else{
            sprintf(errReason,"请输入要修改的用户名称");
            modify_Fail=1;
        }
        if(NULL!=(test=cJSON_GetObjectItem(root,"newPassword")))
            strcpy(newuserPWD,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"oldPassword")))
            strcpy(olduserPWD,test->valuestring);
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"groupName")))
            strcpy(recUser.group.groupName,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"channels")))
            strcpy(recUser.userAccess.channels,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"preview")))
            recUser.userAccess.preview=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"replay")))
            recUser.userAccess.replay=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"userMgnt")))
            recUser.userAccess.userMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"PTZ")))
            recUser.userAccess.PTZ=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"storeMgnt")))
            recUser.userAccess.storeMgnt=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysCfg")))
            recUser.userAccess.sysCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"eventCfg")))
            recUser.userAccess.eventCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"networkCfg")))
            recUser.userAccess.networkCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"defaultUpgrade")))
            recUser.userAccess.defaultUpgrade=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"fileBackup")))
            recUser.userAccess.fileBackup=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"ipcCfg")))
            recUser.userAccess.ipcCfg=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"sysInfo")))
            recUser.userAccess.sysInfo=atoi(test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"otherCfg")))
            recUser.userAccess.otherCfg=atoi(test->valuestring);
		cJSON_Delete(root);
	}
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    int j;
    //char cmd[HISOME_LEN_2048]={'\0'};
    sprintf(cmd,"select * from %s where userName=\"%s\"",USERMGNT_USERS_TBL,recUser.userName);
    rc = sqlite3_get_table(g_userMgntDb,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
        sqlite3_free(errMsg);
        sprintf(errReason,"用户名：%s不存在",recUser.userName);
        modify_Fail=1;
    }else{
        for(j=0;j<columns;j++){  
            if(!strcmp(qResult[j],"userTextPWD"))
                strcpy(recUser.userTextPWD,qResult[columns+j]); 
        }
        if(qResult)sqlite3_free_table(qResult);
    }
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        modify_Fail=1;
        ID_Fail=1;
    }else{
         if(loginUser->userAccess.userMgnt==0){
             sprintf(errReason,"操作权限受限，操作失败");
             modify_Fail=1;
        }else{
            if(strlen(olduserPWD)==0){
                sprintf(cmd,"UPDATE \"%s\" set userMgnt=%d,preview=%d,replay=%d,PTZ=%d,"\
			    "storeMgnt=%d,sysCfg=%d,eventCfg=%d,networkCfg=%d,"\
			    "defaultUpgrade=%d,fileBackup=%d,ipcCfg=%d,sysInfo=%d,"\
			    "otherCfg=%d where userName=\"%s\";",
			    USERMGNT_USERS_TBL,recUser.userAccess.userMgnt,recUser.userAccess.preview,recUser.userAccess.replay,recUser.userAccess.PTZ,
                recUser.userAccess.storeMgnt,recUser.userAccess.sysCfg,recUser.userAccess.eventCfg,recUser.userAccess.networkCfg,
                recUser.userAccess.defaultUpgrade,recUser.userAccess.fileBackup,recUser.userAccess.ipcCfg,recUser.userAccess.sysInfo,
                recUser.userAccess.otherCfg,recUser.userName);
                rc=db_generalExec(g_userMgntDb,cmd);
                if(rc!=MYSQLITE3_OK){
                    sprintf(errReason,"用户不存在，操作失败");
                    modify_Fail=1;
                }
            }else{
                if(0!=strcmp(recUser.userTextPWD,olduserPWD)){
                sprintf(errReason,"原始密码不正确");
                modify_Fail=1;
                }else{
                    sprintf(cmd,"UPDATE \"%s\" set groupName=\"%s\",userTextPWD=\"%s\",channels=\"%s\",userMgnt=%d,preview=%d,replay=%d,PTZ=%d,"\
			        "storeMgnt=%d,sysCfg=%d,eventCfg=%d,networkCfg=%d,"\
			        "defaultUpgrade=%d,fileBackup=%d,ipcCfg=%d,sysInfo=%d,"\
			        "otherCfg=%d where userName=\"%s\";",
			        USERMGNT_USERS_TBL,recUser.group.groupName,newuserPWD,recUser.userAccess.channels,recUser.userAccess.userMgnt,recUser.userAccess.preview,recUser.userAccess.replay,recUser.userAccess.PTZ,
                    recUser.userAccess.storeMgnt,recUser.userAccess.sysCfg,recUser.userAccess.eventCfg,recUser.userAccess.networkCfg,
                    recUser.userAccess.defaultUpgrade,recUser.userAccess.fileBackup,recUser.userAccess.ipcCfg,recUser.userAccess.sysInfo,
                    recUser.userAccess.otherCfg,recUser.userName);
                    rc=db_generalExec(g_userMgntDb,cmd);
                    if(rc!=MYSQLITE3_OK){
                        sprintf(errReason,"用户不存在，操作失败");
                        modify_Fail=1;
                    }
                }
            }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(modify_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"用户权限修改失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"用户权限修改成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}

void apiUsrMgnt_POST_passwordReset(void *data)
{
    HisomeUser recUser,*loginUser=NULL;
    int reset_Fail=0,ID_Fail=0;
    char errReason[HISOME_LEN_512]={'\0'};
    int userID=0;
    char userName[HISOME_LEN_256]={'\0'};
    char newuserPWD[HISOME_LEN_256]={'\0'};
    char olduserPWD[HISOME_LEN_256]={'\0'};
    int j;
    bool actived=1;
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        reset_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"userName")))
            strcpy(userName,test->valuestring);
        else{
            sprintf(errReason,"请输入要修改的用户名称");
            reset_Fail=1;
        }
        if(NULL!=(test=cJSON_GetObjectItem(root,"newPassword")))
            strcpy(newuserPWD,test->valuestring);
        else{
            sprintf(errReason,"请输入正确格式的新密码");
            reset_Fail=1;
        }
        if(NULL!=(test=cJSON_GetObjectItem(root,"oldPassword")))
            strcpy(olduserPWD,test->valuestring);
        else{
            sprintf(errReason,"请输入正确格式的原始密码");
            reset_Fail=1;
        }
        cJSON_Delete(root);
    }
    char **qResult=NULL;
    char *errMsg;
    int rows,columns;
    int rc =0;
    char cmd[HISOME_LEN_2048]={'\0'};
    sprintf(cmd,"select * from %s where userName=\"%s\"",USERMGNT_USERS_TBL,userName);
    rc = sqlite3_get_table(g_userMgntDb,cmd,&qResult,&rows,&columns,&errMsg);
    if(rc != SQLITE_OK){
        PRTLOG_ERR("select table:%s fail:SQL error: %s\n",USERMGNT_USERS_TBL,errMsg);
        sqlite3_free(errMsg);
        sprintf(errReason,"用户名：%s不存在",userName);
        reset_Fail=1;
    }else{
        for(j=0;j<columns;j++){
            if(!strcmp(qResult[j],"userName"))
                strcpy(recUser.userName,qResult[columns+j]);   
            else if(!strcmp(qResult[j],"userTextPWD"))
                strcpy(recUser.userTextPWD,qResult[columns+j]); 
        }
        if(qResult)sqlite3_free_table(qResult);
    }
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        reset_Fail=1;
        ID_Fail=1;
    }else{
            if(0!=strcmp(recUser.userTextPWD,olduserPWD)){
                sprintf(errReason,"原始密码不正确");
                reset_Fail=1;
            }else{
                char upcmd[4096]={'\0'};
                sprintf(upcmd,"UPDATE %s  set userTextPWD=\"%s\",actived=%d  where userName=\"%s\";",
                USERMGNT_USERS_TBL,newuserPWD,actived,recUser.userName);
                if(MYSQLITE3_OK != db_generalExec(g_userMgntDb,upcmd)){
                    sprintf(errReason,"修改用户不存在，修改密码失败");
                    reset_Fail=1;
                }
            } 
    }
    
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(reset_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"用户密码修改失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"用户密码修改成功",LOG_USRMGNT_TYPE);
      	//apiUsrMgnt_deleteOn_LINEUser(userID);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}

void apiUsrMgnt_DELETE_passwordProtect(void *data)
{
    HisomeUser recUser,*loginUser=NULL;
    int set_Fail=0,ID_Fail=0;
    char errReason[HISOME_LEN_512]={'\0'};
    int userID=0;
    memset(&recUser,0,sizeof(recUser));
    MyHttpPack* req =(MyHttpPack*)data; 
    cJSON *root,*test;
    root=cJSON_Parse(req->httpReq.hm->body.p);
    if (!root) {
        sprintf(errReason,"Recv Data is Wrong");
        set_Fail=1;
        PRTLOG_ERR("Error before: [%s]",cJSON_GetErrorPtr());
    }else{
        userID=atoi(cJSON_GetObjectItem(root,"userID")->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"protectQuestion1")))
            strcpy(recUser.protectAnswer1,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"protectQuestion2")))
            strcpy(recUser.protectAnswer2,test->valuestring);
        if(NULL!=(test=cJSON_GetObjectItem(root,"protectQuestion3")))
            strcpy(recUser.protectAnswer3,test->valuestring);
    }
    loginUser=apiUsrMgnt_findOn_LINEUser(userID);
    if(loginUser == NULL){
        sprintf(errReason,"用户已退出，请重新登录");
        set_Fail=1;
        ID_Fail=1;
    }else{
            if(loginUser->userAccess.userMgnt==0){
                sprintf(errReason,"操作权限受限，操作失败");
                set_Fail=1;
             }else{
                    char cmd[4096]={'\0'};
                    sprintf(cmd,"UPDATE %s set protectAnswer1=\"%s\",protectAnswer2=\"%s\",protectAnswer3=\"%s\"  where userName=\"%s\";",
                    USERMGNT_USERS_TBL,recUser.protectAnswer1,recUser.protectAnswer2,recUser.protectAnswer3,loginUser->userName);
                    if(MYSQLITE3_OK != db_generalExec(g_userMgntDb,cmd)){
                    sprintf(errReason,"密保用户不存在，密保设置失败");
                    set_Fail=1;
                }
            }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(set_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
        if(ID_Fail==0){
            if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"密保设置失败",LOG_USRMGNT_TYPE);
        }
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","DELETE");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        if(loginUser!=NULL){}//apiOperateLog_WriteLog(loginUser->group.groupName,loginUser->userName,req->urlmap.ip,"密保设置成功",LOG_USRMGNT_TYPE);
        cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
 
    }
    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp); 
}





void apiUsrMgnt_POST_IAmGUI(void *data)
{
    int post_Fail=0;
    char errReason[HISOME_LEN_512]={'\0'};
    char ip[HISOME_LEN_128]={'\0'};
    int same=0;
    MyHttpPack* req =(MyHttpPack*)data; 
    strcpy(ip,req->urlmap.ip);
    if(strlen(ip)>=7){
        PRTLOG_ERR("%s i am gui",ip);
       ///GET the IP
        int i=0;
        for(i=0;i<NVR_MAX_GUICLIENT_NUM;i++){
            if(strcmp(g_GUIClientList[i].gui_ip,ip)==0){
                same=1;   
            }
        }
        if(same == 0){
            for(i=0;i<NVR_MAX_GUICLIENT_NUM;i++){
                if(strlen(g_GUIClientList[i].gui_ip)<7){
                    memset(g_GUIClientList[i].gui_ip,0,sizeof(g_GUIClientList[i].gui_ip));
                    strcpy(g_GUIClientList[i].gui_ip,ip);
                    break;
                }
            }
        }
    }
    cJSON *rsp,*rspHeader,*rspArr,*rspData;
    rsp=cJSON_CreateArray();
    rspHeader = cJSON_CreateObject();
    rspData = cJSON_CreateObject();
    if(post_Fail){
        cJSON_AddStringToObject(rspHeader,"result","FAIL");
        cJSON_AddStringToObject(rspHeader,"method","POST");
	    cJSON_AddItemToObject(rspHeader, "data", rspArr=cJSON_CreateArray());
        cJSON_AddStringToObject(rspData,"reason",errReason);
         cJSON_AddItemToArray(rsp,rspHeader);
        cJSON_AddItemToArray(rspArr,rspData);
    }else{
        cJSON_AddStringToObject(rspHeader,"result","SUCCESS");
        cJSON_AddStringToObject(rspHeader,"method","POST");
        cJSON_AddItemToArray(rsp,rspHeader);
    }

    com_httpPack(req->httpReq.nc,rsp);
    cJSON_Delete(rsp);
}


//online users operate
HisomeUser * userMgnt_findOnlineUser(int userID){
    int i;
    for(i=0;i<MAX_ONLINE_USERNUM;i++){
        if(g_loginUsers[i].userID == userID){
            if(g_loginUsers[i].userID != 20192020){
                int cu = time(0);
                if(cu - g_loginUsers[i].lastOperateTime > 10*60){
                    memset(&g_loginUsers[i],0,sizeof(g_loginUsers[i]));
                    return NULL;
                }else{
                    g_loginUsers[i].lastOperateTime = cu;
                    return &g_loginUsers[i];
                }
            }else{
                return &g_loginUsers[i];
            }
            
        }
    }
    return NULL;
}

/*run State db operate*/
void  userMgnt_addDftUser(){

    HisomeUser GUIuser;
    HisomeGroup GUIgroup;
    apiUsrMgnt_resetHisomeUser(&GUIuser,1);
    memset(&GUIuser,0,sizeof(GUIuser));
    strcpy(GUIuser.userName,"GUIR1VJ");
    strcpy(GUIuser.group.groupName,"GUIR1VJ");
    strncpy(GUIuser.userName,"GUIR1VJ",strlen("GUIR1VJ"));
    strncpy(GUIuser.userTextPWD,"admin",strlen("admin"));
    strncpy(GUIuser.user9CellPWD,"321478965",strlen("321478965"));
    strncpy(GUIuser.protectAnswer1,"HISOME",strlen("HISOME"));
    strncpy(GUIuser.protectAnswer2,"Hangzhou",strlen("Hangzhou"));
    strncpy(GUIuser.protectAnswer3,"ZhengZhou",strlen("ZhengZhou"));
    GUIuser.actived=1;
    apiUsrMgnt_resetHisomeGroup(&GUIgroup,1);
    strncpy(GUIgroup.groupName,"adminYWRtaW4=",strlen("adminYWRtaW4="));
    strncpy(GUIgroup.remarks,"can not delete",strlen("can not delete")); 
    memcpy(&GUIuser.group,&GUIgroup,sizeof(GUIgroup));
    apiUsrMgnt_resetHisomeAccess(&GUIuser.userAccess,1);
    GUIuser.userAccess.preview=1;
    GUIuser.userAccess.replay=1;
    // recUser.userID = random()%20191016;
    GUIuser.userID =20192020;
    strncpy(GUIuser.remarks,"can not delete",strlen("can not delete"));
    usrMgnt_addOnineUser(&GUIuser);
}
